Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment.
The auditor’s BEST course of action would be to determine if:
A . the domain controller was classified for high availability.
B . the network traffic was being monitored.
C . the patches were updated.
D . the logs were monitored.
Answer: D